Opened 5 years ago
Closed 5 years ago
#50179 closed defect (bug) (invalid)
all HTTP methods allowed on /login
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | General | Keywords: | close reporter-feedback |
Focuses: | Cc: |
Description
It seems that almost all http methods are allowed on /login, on all other resources anything other than GET, HEAD or POST will return a 405 response, but on /login every method returns a 200 response.
Change History (3)
Note: See
TracTickets for help on using
tickets.
Hi @ptasec,
Welcome to trac! Could you share more details about the request you are making? There is no
/login
route in WordPress Core, you'll only be redirected towp-login.php
.As far as I'm aware, WordPress also only sends a
405
error in limited circumstances the REST API, XML-RPC, IXR and commenting. Just making aPUT
request to the homepage of a stock WordPress install does not generate a 405 for me. Are you sure this isn't your web server sending the error?